Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Cyber criminal collaboration intensifies

    Source: ComputerWeekly.com By: Warwick Ashford 14August2019

    * The level of cooperation between high-profile cyber threat groups has shifted up a gear, enabling a higher level of automation and making attribution more difficult, research shows.
    * Closer relationships between these groups has resulted in a greater degree of sharing tools, which in turn is making it more difficult to identify which group is behind any particular cyber attack, according to the latest Cyber threatscape report from professional services firm Accenture.

  • How phishing attacks trick our brains

    Source: MIT Technology Review By: Patrick Howell O'Neill 8August2019

    * It's simple and effective: getting someone to click a malicious link in an email and enter private information such as a password is the most important skill in many hackers' toolkits. Phishing is the most common form of cyberattack and still growing.
    * And the reason it's so effective, according to research being done at Google and the University of Florida, is that it takes advantage of how the human brain works-and, crucially, how people fail to detect deception, depending on factors like emotional intelligence, cognitive motivation, mood, hormones, and even the victim's personality.
  • These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer

    Source: Vice By: Joseph Cox 10August2019

    * It looks like an Apple lightning cable. It works like an Apple lightning cable. But it will give an attacker a way to remotely tap into your computer.
    * "It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," the security researcher known as MG who made these cables told Motherboard after he showed me how it works at the annual Def Con hacking conference.
  • Zero-day flaw found in building control system

    Source: ITProPortal By: Michael Moore 12August2019

    * McAfee warns the vulnerability could allow full access to building systems.
    * Hackers could be able to hack into an entire building due to a worrying security flaw in a popular management software, researchers have revealed.
    * According to new analysus from McAfee, a vulnerability in a commonly used Delta industrial control system that could allow criminals to gain complete control and gain access to all a building's services.
  • UN probing 30 North Korean cyber attacks in 17 countries

    Source: The Straits Times
    By: FNU LNU
    Published: August 14, 2019

    * UN experts say they are investigating at least 30 instances in 17 countries of North Koreans using cyber attacks to raise money for weapons of mass destruction programmes - and they are also calling for sanctions against ships providing petrol and diesel to the isolated country.
    * Last week, The Associated Press (AP) quoted a summary of a report from the experts which said North Korea illegally acquired as much as US$2 billion (S$2.77 billion) from its increasingly sophisticated cyber activities against financial institutions and cryptocurrency exchanges.

  • Security warning for software developers: You are now prime targets for phishing attacks

    Source: ZDNet
    By: Danny Palmer
    Published: August 13, 2019

    * Cybercriminals targeting the technology industry commonly direct their phishing campaigns at software developers
    * Software developers are the people most targeted by hackers conducting cyberattacks against the technology industry, with the hackers taking advantage of the public profiles of individuals working in the high-turnover industry to help conduct their phishing campaigns.

  • Recent Phishing Attack on ProtonMail Accounts of Bellingcat Journalists Linked to Russia

    Source: CPO Magazine
    By: Scott Ikeda
    Published: August 13, 2019

    * Investigative news outlet Bellingcat has focused much of its eight years of work on high-level government controversies and cover-ups, particularly on issues in Russia in the past two years.
    * It would appear that someone in the country has taken an interest in them.
    * The ProtonMail email accounts of several Bellingcat journalists were targeted by a phishing campaign, which was ultimately not successful but provided leads that indicate Russian hacking groups backed by the government were involved.

  • Cybercriminals sell nearly 7 Million User credentials from recent StockX data breach

    Source: CyWare
    By: Ryan Stewart
    Published: August 12, 2019

    * The database contained personal information including user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords.
    * The stolen user accounts came from a StockX data breach that occurred in July 2019.

  • State Farm Hit by Data Breach

    Source: AutoBody News
    By: Bethan Moorcraft
    Published: August 12, 2019

    * State Farm · the largest property and casualty insurance provider in the US - has been compromised in a credential stuffing attack. * The firm acknowledged the cyberattack, filing a data breach notification with the California Attorney General, and on Wednesday, Aug. 7, it sent out =93Notice of Data Breach=94 emails to users whose online account log-in credentials were obtained by a bad actor.

  • Automakers warm up to friendly hackers at cybersecurity conference

    Source: Reuters
    By: Tina Bellon
    Published: August 11, 2019

    * At a conference where hackers can try their hand at picking locks and discover cyber vulnerabilities in a makeshift hospital, they can also endeavor to break into the control units of cars and take over driving functions.
    * Those efforts at the DEF CON security convention in Las Vegas this weekend are sponsored by carmakers and suppliers that have increasingly recognized the need to collaborate with so-called white hat hackers - cyber experts who specialize in discovering vulnerabilities to help organizations.


San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017